what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2021-20289

Status Candidate

Overview

A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.

Related Files

Red Hat Security Advisory 2021-4767-01
Posted Nov 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4767-01 - This release of Red Hat Integration - Camel Extensions for Quarkus - 2.2 GA serves as a replacement for tech-preview 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, deserialization, information leakage, resource exhaustion, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-14326, CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2020-27218, CVE-2020-27223, CVE-2020-28052, CVE-2020-28491, CVE-2021-20289, CVE-2021-20328, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165
MD5 | d880ef6964a5149dc3cd400671e6bfeb
Red Hat Security Advisory 2021-4676-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4676-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, java, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30129, CVE-2021-3629, CVE-2021-3717, CVE-2021-37714
MD5 | 0bf5111ec26f5a268c19ac49b1367322
Red Hat Security Advisory 2021-4679-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4679-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, java, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30129, CVE-2021-3629, CVE-2021-3717, CVE-2021-37714
MD5 | cda8b431767d1c91cc1d7236e64c8925
Red Hat Security Advisory 2021-4677-01
Posted Nov 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4677-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.2 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include denial of service and memory leak vulnerabilities.

tags | advisory, java, denial of service, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2021-20289, CVE-2021-30129, CVE-2021-3629, CVE-2021-3717, CVE-2021-37714
MD5 | 53daa4a7aac9e0c64e9da84ce872055f
Red Hat Security Advisory 2021-4100-01
Posted Nov 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4100-01 - This release of Red Hat Integration - Service registry 2.0.2.GA serves as a replacement for 2.0.1.GA, and includes the below security fixes. Issues addressed include a cross site scripting vulnerability.

tags | advisory, registry, xss
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2021-20289, CVE-2021-20293
MD5 | 754feedd1a70604cce602b17c7604884
Red Hat Security Advisory 2021-3880-01
Posted Oct 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3880-01 - This release of Red Hat build of Quarkus 2.2.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2021-20289, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-26291, CVE-2021-3642
MD5 | b666b5a32779c184432538a72225a9cd
Red Hat Security Advisory 2021-3700-01
Posted Sep 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3700-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red Hat AMQ Broker 7.8.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include bypass, denial of service, information leakage, resource exhaustion, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-27223, CVE-2021-20289, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28169, CVE-2021-29425, CVE-2021-3425, CVE-2021-34428, CVE-2021-34429, CVE-2021-3763
MD5 | 1af9c0c3e193e8ece7d9750aa2c64703
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close